Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/ikP9WJJxdCGYjyhjVossSKAATaA.roa
File:                     ikP9WJJxdCGYjyhjVossSKAATaA.roa (raw, json)
Hash identifier:          LgU4H2hxoZDVdQ9uYOADvmTfTXJCNhaXWTHsEc1+InQ=
Subject key identifier:   8A:43:FD:58:92:71:74:21:98:8F:28:63:56:8B:2C:48:A0:00:4D:A0
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       018983CF86E2C40129A1DAA349ECD8FCEC29
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/ikP9WJJxdCGYjyhjVossSKAATaA.roa
Signing time:             Sun 23 Jul 2023 17:32:43 +0000
ROA not before:           Sun 23 Jul 2023 17:32:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49505
IP address blocks:        185.96.36.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:83:cf:86:e2:c4:01:29:a1:da:a3:49:ec:d8:fc:ec:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Jul 23 17:32:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8a43fd5892717421988f2863568b2c48a0004da0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:01:d1:e4:75:ee:08:8f:c6:33:6b:3b:7e:1b:
                    21:21:44:34:61:35:81:2f:0f:ac:28:80:f4:6d:f0:
                    60:8c:b4:0d:25:09:f0:57:0a:5d:63:9a:ab:f7:ab:
                    cf:2b:f7:8c:7e:fe:c0:4f:02:19:bc:77:ab:b4:3c:
                    75:c4:98:58:71:08:66:26:eb:d0:43:51:07:c5:46:
                    5a:6f:fa:cd:06:d2:d8:b2:cf:34:53:96:24:31:e4:
                    37:68:6f:c1:32:08:e0:9a:a6:7b:96:70:4a:82:03:
                    6e:c0:9f:c1:7f:fe:77:48:fd:13:d4:d5:f9:fd:0c:
                    15:05:ca:04:76:8b:b0:37:da:f9:27:69:4e:9e:ab:
                    5e:f5:58:86:cd:a4:b3:3f:49:9a:a5:80:f6:cd:71:
                    42:9d:53:d6:90:03:1d:5a:33:45:82:d7:bb:29:66:
                    50:41:4f:4e:57:db:97:68:bd:dd:98:c3:ff:b8:e7:
                    1f:bd:88:02:7a:2a:ef:03:12:c4:a7:ef:d9:0a:49:
                    05:71:d1:f6:82:9c:c2:69:6d:fc:97:bc:7b:c5:ce:
                    bf:c3:94:80:ec:59:a2:dd:87:03:1e:44:59:23:4d:
                    2e:90:0d:cf:56:80:2b:80:4c:d2:29:71:87:86:89:
                    89:eb:c1:18:dd:af:3c:da:f2:aa:8f:cd:f9:73:27:
                    3d:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:43:FD:58:92:71:74:21:98:8F:28:63:56:8B:2C:48:A0:00:4D:A0
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/ikP9WJJxdCGYjyhjVossSKAATaA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.96.36.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:93:e2:f3:89:8f:19:2b:07:b5:f1:0c:ee:14:b2:75:00:75:
         d6:9b:56:c3:44:af:9a:77:f9:68:d3:ec:b0:8b:5f:94:5f:1a:
         7a:ee:98:31:30:4c:2d:33:3d:b4:63:97:20:55:df:fb:5b:db:
         14:27:3d:1c:5d:05:30:fd:2a:87:4d:14:28:28:8f:15:0f:b8:
         96:53:9c:de:34:00:f7:a4:1c:08:35:c5:7b:e4:2b:66:7f:ad:
         a2:9d:1e:64:3e:19:e9:74:39:6e:2c:b7:78:dd:21:55:a9:99:
         91:93:df:6c:1c:bd:1f:87:21:53:55:aa:dc:51:14:4f:ce:bf:
         1e:9f:95:db:9b:ef:52:ef:47:d1:2b:0e:ee:ef:35:b5:af:9c:
         f5:e5:d1:f7:fb:ec:a5:c5:e2:01:e1:cf:c3:f4:6b:15:5e:44:
         b2:d0:b7:c6:4d:1f:32:e8:bd:60:6c:d1:92:f5:5a:df:28:11:
         fe:8a:af:2a:4f:32:09:44:80:ad:11:0b:f9:88:bf:a4:e0:4e:
         69:d6:c6:02:23:90:c1:0b:70:8c:b0:5e:2d:db:47:49:cc:06:
         d8:d4:e8:ed:7e:70:38:ff:3a:6e:63:0a:0b:47:0d:eb:2e:80:
         90:e4:01:22:4b:92:02:93:f1:c8:40:f8:ed:0a:4e:c3:06:3a:
         92:fc:d4:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmDz4bixAEpodqjSezY/OwpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjMwNzIzMTczMjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTQzZmQ1ODkyNzE3NDIxOTg4ZjI4NjM1NjhiMmM0OGEwMDA0ZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgHR5HXuCI/GM2s7fhshIUQ0YTWB
Lw+sKID0bfBgjLQNJQnwVwpdY5qr96vPK/eMfv7ATwIZvHertDx1xJhYcQhmJuvQ
Q1EHxUZab/rNBtLYss80U5YkMeQ3aG/BMgjgmqZ7lnBKggNuwJ/Bf/53SP0T1NX5
/QwVBcoEdouwN9r5J2lOnqte9ViGzaSzP0mapYD2zXFCnVPWkAMdWjNFgte7KWZQ
QU9OV9uXaL3dmMP/uOcfvYgCeirvAxLEp+/ZCkkFcdH2gpzCaW38l7x7xc6/w5SA
7Fmi3YcDHkRZI00ukA3PVoArgEzSKXGHhomJ68EY3a882vKqj835cyc94QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIpD/ViScXQhmI8oY1aLLEigAE2gMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvaWtQOVdKSnhkQ0dZanloalZvc3NTS0FBVGFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWAkMA0G
CSqGSIb3DQEBCwUAA4IBAQCDk+LziY8ZKwe18QzuFLJ1AHXWm1bDRK+ad/lo0+yw
i1+UXxp67pgxMEwtMz20Y5cgVd/7W9sUJz0cXQUw/SqHTRQoKI8VD7iWU5zeNAD3
pBwINcV75Ctmf62inR5kPhnpdDluLLd43SFVqZmRk99sHL0fhyFTVarcURRPzr8e
n5Xbm+9S70fRKw7u7zW1r5z15dH3++ylxeIB4c/D9GsVXkSy0LfGTR8y6L1gbNGS
9VrfKBH+iq8qTzIJRICtEQv5iL+k4E5p1sYCI5DBC3CMsF4t20dJzAbY1OjtfnA4
/zpuYwoLRw3rLoCQ5AEiS5ICk/HIQPjtCk7DBjqS/NRh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:17 2024 by rpki-client on console-ams.rpki-client.org